Currently both iscsi and NFS require pools to be specified when they are
deployed. However, we don't actaully check these pools exist. Leading to
broken containers.
This patch uses the rados client that is part of the mgrmodule to check
that the specified pool exists. As we need to check in 2 different
daemons, a helper method:
def _check_pool_exists(self, pool, service_name):
was added to `cephadm/module.py`.
Fixes: https://tracker.ceph.com/issues/45161
Signed-off-by: Matthew Oliver <moliver@suse.com>
Traceback (most recent call last):
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 4578, in <module>
r = args.func()
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 1121, in _default_image
return func()
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 2489, in command_bootstrap
is_available('mgr', is_mgr_available)
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 895, in is_available
if func():
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 2486, in is_mgr_available
out = cli(['status', '-f', 'json-pretty'], timeout=timeout)
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 2403, in cli
return CephContainer(
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 2140, in run
out, _, _ = call_throws(
File "test_tmp/tmp.ykMmPiFqIT/cephadm", line 838, in call_throws
raise RuntimeError('Failed command: %s' % ' '.join(command))
Signed-off-by: Michael Fritch <mfritch@suse.com>
a0b453ad33 added the wait state, which can
make PGs stay in active+clean+wait for a while instead of going into
active+clean directly. As far as TEST_auto_repair_bluestore_failed is
concerned, we only care about the repair state being cleared.
Fixes: https://tracker.ceph.com/issues/45075
Signed-off-by: Neha Ojha <nojha@redhat.com>
This is currently only utilized for the case where a newly created image
has mirroring enabled at time of creation, but it could be expanded in the
future if we track writes.
Fixes: https://tracker.ceph.com/issues/44596
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
If the image is clean, it's treated as if it was newly created and
therefore clean since snapshot id 0. The CreateRequest and
CloneRequest state machines pass true for this bool if mirroring
is being enabled during creation.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
This will be stored in the primary MirrorSnapshotNamespace for use by
the rbd-mirror snapshot replayer.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
It is only valid for primary snapshots so we can re-use the space
previously used by the primary_snap_id without the need to bump the
version id.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
This allows the user to enable mirroring while creating, cloning,
copying, importing, or migrating an image.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
The constructor that took an ImageCtx did not support passing the
non-primary global image id and instead defaulted to an empty string.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
If attempting to create a snapshot-based mirroring primary snapshot,
the image needs to first be opened. If we weren't supplied an image,
open the image, create the snapshot, and close the image again.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
Current UTC datetime should be used as `now`, otherwise the expiration
comparison might fail on machines with non-UTC localtime.
Fixes: https://tracker.ceph.com/issues/45149
Signed-off-by: Kiefer Chang <kiefer.chang@suse.com>
A rather trivial change inspired by PR #34702, where an instance of
7*60*60*24 (used to describe the number of seconds in a week) was fixed,
decided to have a look at the code and cleaned a similar case of weird-endian-ness.
Signed-off-by: Jasper Spaans <jasper@startmail.com>
This fixes the selinux errors like this for /etc/target
-----------------------------------
Additional Information:
Source Context system_u:system_r:ceph_t:s0
Target Context system_u:object_r:targetd_etc_rw_t:s0
Target Objects target [ dir ]
Source rbd-target-api
Source Path rbd-target-api
Port <Unknown>
Host ans8
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.14.3-20.el8.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name ans8
Platform Linux ans8 4.18.0-147.el8.x86_64 #1 SMP
Thu Sep 26
15:52:44 UTC 2019 x86_64 x86_64
Alert Count 1
First Seen 2020-01-08 18:39:48 EST
Last Seen 2020-01-08 18:39:48 EST
Local ID 9a13ee18-eaf2-4f2a-872f-2809ee4928f6
Raw Audit Messages
type=AVC msg=audit(1578526788.148:69): avc: denied { search } for
pid=995 comm="rbd-target-api" name="target" dev="sda1" ino=52198
scontext=system_u:system_r:ceph_t:s0
tcontext=system_u:object_r:targetd_etc_rw_t:s0 tclass=dir permissive=1
Hash: rbd-target-api,ceph_t,targetd_etc_rw_t,dir,search
which are a result of the rtslib library the ceph-iscsi daemons use
accessing /etc/target to read/write a file which stores meta data the
target uses.
Signed-off-by: Mike Christie <mchristi@redhat.com>
This fixes the the following selinux error when using ceph-iscsi's
rbd-target-api daemon (rbd-target-gw has the same issue). They are
a result of the a python library, rtslib, which the daemons use.
Additional Information:
Source Context system_u:system_r:ceph_t:s0
Target Context system_u:object_r:configfs_t:s0
Target Objects
/sys/kernel/config/target/iscsi/iqn.2003-01.com.re
dhat:ceph-iscsi/tpgt_1/attrib/authentication
[
file ]
Source rbd-target-api
Source Path /usr/libexec/platform-python3.6
Port <Unknown>
Host ans8
Source RPM Packages platform-python-3.6.8-15.1.el8.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.14.3-20.el8.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name ans8
Platform Linux ans8 4.18.0-147.el8.x86_64 #1 SMP
Thu Sep 26
15:52:44 UTC 2019 x86_64 x86_64
Alert Count 1
First Seen 2020-01-08 18:39:47 EST
Last Seen 2020-01-08 18:39:47 EST
Local ID 6f8c3415-7a50-4dc8-b3d2-2621e1d00ca3
Raw Audit Messages
type=AVC msg=audit(1578526787.577:68): avc: denied { ioctl } for
pid=995 comm="rbd-target-api"
path="/sys/kernel/config/target/iscsi/iqn.2003-01.com.redhat:ceph-iscsi/tpgt_1/attrib/authentication"
dev="configfs" ino=25703 ioctlcmd=0x5401
scontext=system_u:system_r:ceph_t:s0
tcontext=system_u:object_r:configfs_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1578526787.577:68): arch=x86_64 syscall=ioctl
success=no exit=ENOTTY a0=34 a1=5401 a2=7ffd4f8f1f60 a3=3052cd2d95839b96
items=0 ppid=1 pid=995 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=rbd-target-api
exe=/usr/libexec/platform-python3.6 subj=system_u:system_r:ceph_t:s0
key=(null)
Hash: rbd-target-api,ceph_t,configfs_t,file,ioctl
Signed-off-by: Mike Christie <mchristi@redhat.com>
